Page 3 of 13 results (0.005 seconds)

CVSS: 4.6EPSS: 0%CPEs: 17EXPL: 0

CVE-2011-1677 – util-linux: umount may fail to remove /etc/mtab~ lock file

https://notcve.org/view.php?id=CVE-2011-1677

mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. mount en util-linux v2.19 y anteriores no elimina el archivo lock /etc/mtab~ después de un intento fallido de añadir un punto de montaje, lo cual tiene un impacto no especificado y vectores de ataque locales. • http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/11 http://openwall.com/lists/oss-security/2011/03/04/12 http://openwall.com/lists/oss-security/2011/03/04/9 http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 http://openwall.com/lists/oss-security/2011/03/07/9 http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall •

CVSS: 3.3EPSS: 0%CPEs: 17EXPL: 2

CVE-2011-1676

https://notcve.org/view.php?id=CVE-2011-1676

mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations. mount in util-linux v2.19 y anteriores no elimina el fichero /etc/mtab.tmp después de un intento fallido de añadir un punto de montaje, lo que permite a usuarios locales provocar una corrupción del fichero /etc/mtab mediante múltiples llamadas. • http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/11 http://openwall.com/lists/oss-security/2011/03/04/12 http://openwall.com/lists/oss-security/2011/03/04/9 http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 http://openwall.com/lists/oss-security/2011/03/07/9 http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0

CVE-2008-1926 – util-linux: audit log injection via login

https://notcve.org/view.php?id=CVE-2008-1926

Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection." Vulnerabilidad de inyección de argumento en login (login-utils/login.c) de util-linux-ng 2.14 y anteriores, hace que atacantes remotos puedan esconder fácilmente sus actividades modificando partes del log de sucesos, como se ha demostrado añadiendo una sentencia "addr=" en el campo "name" del login, también conocido como "audit log injection." • http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973 http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782 http://secunia.com/advisories/29982 http://secunia.com/advisories/30014 http://secunia.com/advisories/35161 http://wiki.rpath.com/Advisories:rPSA-2009& • CWE-94: Improper Control of Generation of Code ('Code Injection') •